Does the PIX have an AUX port? Cisco routers have both, and the AUX has features which make it a better choice for a modem.

Note that the serial ports on modems are wired DCE rather than DTE. You may need to insert a crossover if you're using a console cable. (I believe some Cisco routers come with three connectors for the rolled cable: 9-pin DTE, 25-pin DTE, and 25-pin DCE.)

This can be done but is not supported by cisco.......and I wouldn't recommend setting it up....IT IS A SERIOUS PAIN and will occasoinally fail!! The modem settings have to be just right and to tell you the truth I just plain don't remember them.
If you are looking for a way to remotely configure your pix in case it goes down.
Try using a computer on the inside
Set it's modem up to connect.....
it is better if you can connect to a WIN2K server and set up remote dial-in
and use tightVNC to get to the computer and
configure the pix via telnet or PDM from there......
Here is a link to tightVNC....http://www.snapfiles.com/freeware/network/fwremote.html
Just one alternative....
Good Luck

Does this mean your dial up connection is going to terminate at the modem, then you'll Hypertrm from the modem to the PIX?? If not - is it going to terminate on the PIX? In which case can't you set up the PIX with a VTY session instead of having to do all the cable changing etc??

There are far more secure ways of accessing the PIX offsite. For example, you could setup a VPN Client (using 3-DES or AES), or PIX PDM (which uses SSL) ?
Dial-up straight into a console port will give attackers UNLIMITED chances at cracking the passwords.
Also, it's VERY UNLIKELY will fail and only give you console access. If a PIX goes down, it's usually down to a hardware fault.
If you're worried you'll lock yourself out after an unsuccessful config change, then all you have to do is reboot to restore the boot-up config, so as long as someone's on site, then not a problem.

I hate to spoil the fun, but offer this anyway.
Of course you can attach a modem directly to the console port. Depending on your particular modem, set it for 9600 baud only, no local echo, and auto answer. It could be dip switches, init strings, or a combination of both. I can provide the procedure for USR sportster modem.

You can mitigate the risks by using a "secure" modem that provides a first level username challenge/password before you get to the PIX console which should then be configured for yet another username/password challenge.
Use good password and local authentication for serial access and you should have no fear.

Alternatively, you can connect the console port to a router's AUX port. If you can get to the router, use a reverse telnet connection to the aux port and viola' you have console access to the PIX. This also gives you multiple levels of access control.

We resell managed services for routers and firewalls and a requirement is out of band access via modem. Depending on client requirements, it could be with a secure console port server with modem, or just a modem connected direct to the console port.

I have a USR Sportster modem, and if you could provide the procedure that would be great! I'd like to try it.

( ToAll: I appreciate your security concerns, however, this phone line likely would only be connected by a tech when I say so... then I can get in remotely should I not be able to get in any other way. )

10. Turn the modem back on, type ATI4 again to verify that the configuration has remained correct.

11. Power on the Cisco router(or PIX), wait full 2 minutes before plugging the modem cable into the console port.

12. Plug the RJ-45 cable into the console port of the router.

13. Power on the Modem.

14. Using HyperTerminal, dial the modem’s phone number.

15. Once you are connected, you may not get a response for up to 20-30 seconds. Be patient young Jedi. Hit <return> a couple of times and you should get a router> prompt.

16. If you get connected, and see a rommon 1> prompt, the modem was probably plugged into the router too early. Simply type reset, confirm the reload and watch the router re-load the OS and then you should see the router> prompt.

Probably wrong pinout if you are using a light blud cable that has RJ-45 on one end and 9pin on the other, with a 9-pin 25 pin adapter.
You need a 25-pin/rj45 modem connector adapter, and the black modem cable with rj-45 at both ends, or the black modem cable that comes with the new Cisco products that has RJ45 on one end and 25-pin on the other end.

I think you've got the cabling wrong... I recall that the pix series firewalls have a serial port that's wired the opposite to what you might expect. (I had problems getting my pix-515 to talk to anything for a while.) Try putting a null modem between your modem and the pix, or alternatively use an ethernet crossover cable into the rj45/db25 adapter that came with the pix.

Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …

Both in life and business – not all partnerships are created equal.
As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

The Email Laundry PDF encryption service allows companies to send confidential encrypted emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…